• Title/Summary/Keyword: Public key cryptography

Search Result 238, Processing Time 0.024 seconds

Study on Improvement of Weil Pairing IBE for Secret Document Distribution (기밀문서유통을 위한 Weil Pairing IBE 개선 연구)

  • Choi, Cheong-Hyeon
    • Journal of Internet Computing and Services
    • /
    • v.13 no.2
    • /
    • pp.59-71
    • /
    • 2012
  • PKI-based public key scheme is outstanding in terms of authenticity and privacy. Nevertheless its application brings big burden due to the certificate/key management. It is difficult to apply it to limited computing devices in WSN because of its high encryption complexity. The Bilinear Pairing emerged from the original IBE to eliminate the certificate, is a future significant cryptosystem as based on the DDH(Decisional DH) algorithm which is significant in terms of computation and secure enough for authentication, as well as secure and faster. The practical EC Weil Pairing presents that its encryption algorithm is simple and it satisfies IND/NM security constraints against CCA. The Random Oracle Model based IBE PKG is appropriate to the structure of our target system with one secret file server in the operational perspective. Our work proposes modification of the Weil Pairing as proper to the closed network for secret file distribution[2]. First we proposed the improved one computing both encryption and message/user authentication as fast as O(DES) level, in which our scheme satisfies privacy, authenticity and integrity. Secondly as using the public key ID as effective as PKI, our improved IBE variant reduces the key exposure risk.

WWW Security Mechanism Using Plug-in and PGP (Plug-in 기법을 이용한 PGP 기반의 Web 보안 시스템 개발)

  • 김태갑;조은경;박정수;류재철
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 1996.11a
    • /
    • pp.205-218
    • /
    • 1996
  • World Wide Web(WWW) has a lot of useful charaters. Easiness of use, multi-media data supporting and interactive communication capability are typical reasons why people want to use WWW. But because WWW is based on Internet, it has some security problems which originate in plain format data transmission on physical transmission line. The unique solution fer this problems is data encryption. Since theoritically proved encryption algorithms ensure data confidentiality, a unauthorized user can not know what is transmitted on network. In this paper, we propose a cryptography system which uses public key system. In detail, our public key based web security mechanism is using PGP module. PGP is a e-mail security system implemented by Phil Zimmermann. The basic idea of our propose is data encryption and integrity checking for all data which is transmitted on Web. To implement these facilities, we. use netscape browser extension technology, plug-in. Through these technology, security mechanisms are added on netscape browser.

  • PDF

A Design and Implementation of Secure Electronic Bidding System (인터넷 기반 전자입찰시스템의 보안 설계 및 구현)

  • 윤선희
    • Journal of the Korea Computer Industry Society
    • /
    • v.3 no.7
    • /
    • pp.861-870
    • /
    • 2002
  • The area of business applications in the internet are extended enormously in result of fast development of computing and communication technologies, increase of internet use, and use of intranet/extranet in enterprise information system. Widely spread the use of the internet, there are various applications for Business to Business (B to B) or Business to Customer(B to C) model that are based on the intranet or extranet. This paper designed and implemented the Web-based Electronic Bidding System for Business to Business (B to B) model. The technical issues of electronic bidding system in the internet are involved in the connection between web client and server, electronic data interchange for the contract document, and security solution during the bidding and contracting processes. The web-based electronic bidding system in this paper is implemented using Java applet and servlet as a connection interface for web client and sewer, XML/EDI-based documents for a bid and a contract, and bidding server and notary server for enhancing the security using PKI(Public Key Infrastructure)-based public key cryptography, digital signature and Certification Authority (CA).

  • PDF

Efficient Radix-4 Systolic VLSI Architecture for RSA Public-key Cryptosystem (RSA 공개키 암호화시스템의 효율적인 Radix-4 시스톨릭 VLSI 구조)

  • Park Tae geun
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.29 no.12C
    • /
    • pp.1739-1747
    • /
    • 2004
  • In this paper, an efficient radix-4 systolic VLSI architecture for RSA public-key cryptosystem is proposed. Due to the simple operation of iterations and the efficient systolic mapping, the proposed architecture computes an n-bit modular exponentiation in n$^{2}$ clock cycles since two modular multiplications for M$_{i}$ and P$_{i}$ in each exponentiation process are interleaved, so that the hardware is fully utilized. We encode the exponent using Radix-4. SD (Signed Digit) number system to reduce the number of modular multiplications for RSA cryptography. Therefore about 20% of NZ (non-zero) digits in the exponent are reduced. Compared to conventional approaches, the proposed architecture shows shorter period to complete the RSA while requiring relatively less hardware resources. The proposed RSA architecture based on the modified Montgomery algorithm has locality, regularity, and scalability suitable for VLSI implementation.

A Scalable ECC Processor for Elliptic Curve based Public-Key Cryptosystem (타원곡선 기반 공개키 암호 시스템 구현을 위한 Scalable ECC 프로세서)

  • Choi, Jun-Baek;Shin, Kyung-Wook
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.25 no.8
    • /
    • pp.1095-1102
    • /
    • 2021
  • A scalable ECC architecture with high scalability and flexibility between performance and hardware complexity is proposed. For architectural scalability, a modular arithmetic unit based on a one-dimensional array of processing element (PE) that performs finite field operations on 32-bit words in parallel was implemented, and the number of PEs used can be determined in the range of 1 to 8 for circuit synthesis. A scalable algorithms for word-based Montgomery multiplication and Montgomery inversion were adopted. As a result of implementing scalable ECC processor (sECCP) using 180-nm CMOS technology, it was implemented with 100 kGEs and 8.8 kbits of RAM when NPE=1, and with 203 kGEs and 12.8 kbits of RAM when NPE=8. The performance of sECCP with NPE=1 and NPE=8 was analyzed to be 110 PSMs/sec and 610 PSMs/sec, respectively, on P256R elliptic curve when operating at 100 MHz clock.

Initial Authentication Protocol of Hadoop Distribution System based on Elliptic Curve (타원곡선기반 하둡 분산 시스템의 초기 인증 프로토콜)

  • Jeong, Yoon-Su;Kim, Yong-Tae;Park, Gil-Cheol
    • Journal of Digital Convergence
    • /
    • v.12 no.10
    • /
    • pp.253-258
    • /
    • 2014
  • Recently, the development of cloud computing technology is developed as soon as smartphones is increases, and increased that users want to receive big data service. Hadoop framework of the big data service is provided to hadoop file system and hadoop mapreduce supported by data-intensive distributed applications. But, smpartphone service using hadoop system is a very vulnerable state to data authentication. In this paper, we propose a initial authentication protocol of hadoop system assisted by smartphone service. Proposed protocol is combine symmetric key cryptography techniques with ECC algorithm in order to support the secure multiple data processing systems. In particular, the proposed protocol to access the system by the user Hadoop when processing data, the initial authentication key and the symmetric key instead of the elliptic curve by using the public key-based security is improved.

An Efficient cryptography for healthcare data in the cloud environment (클라우드 환경에서 헬스케어 데이터를 위한 효율적인 암호화 기법)

  • Cho, Sung-Nam;Jeong, Yoon-Su;Oh, ChungShick
    • Journal of Convergence for Information Technology
    • /
    • v.8 no.3
    • /
    • pp.63-69
    • /
    • 2018
  • Recently, healthcare services are using cloud services to efficiently manage users' healthcare data. However, research to ensure the stability of the user's healthcare data processed in the cloud environment is insufficient. In this paper, we propose a partial random encryption scheme that efficiently encrypts healthcare data in a cloud environment. The proposed scheme generates two random keys (p, q) generated by the user to optimize for the hospital medical service and reflects them in public key and private key generation. The random key used in the proposed scheme improves the efficiency of user 's healthcare data processing by encrypting only part of the data without encrypting the whole data. As a result of the performance evaluation, the proposed method showed 21.6% lower than the existing method and 18.5% improved the user healthcare data processing time in the hospital.

Fixing Security Flaws of URSA Ad hoc Signature Scheme (URSA 애드혹 서명 알고리즘의 오류 수정)

  • Yi, Jeong-Hyun
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.17 no.4
    • /
    • pp.131-136
    • /
    • 2007
  • Ad hoc networks enable efficient resource aggregation in decentralized manner, and are inherently scalable and fault-tolerant since they do not depend on any centralized authority. However, lack of a centralized authority prompts many security-related challenges. Moreover, the dynamic topology change in which network nodes frequently join and leave adds a further complication in designing effective and efficient security mechanism. Security services for ad hoc networks need to be provided in a scalable and fault-tolerant manner while allowing for membership change of network nodes. In this paper, we investigate distributed certification mechanisms using a threshold cryptography in a way that the functions of a CA(Certification Authority) are distributed into the network nodes themselves and certain number of nodes jointly issue public key certificates to future joining nodes. In the process, we summarize one interesting report [5] in which the recently proposed RSA-based ad hoc signature scheme, called URSA, contains unfortunate yet serious security flaws. We then propose new scheme by fixing their security flaws.

Analysis on Decryption Failure Probability of TiGER (TiGER의 복호화 실패율 분석)

  • Seungwoo Lee;Jonghyun Kim;Jong Hwan Park
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.34 no.2
    • /
    • pp.157-166
    • /
    • 2024
  • Probability of decryption failure of a public key cryptography based on LWE(learning with errors) is determined by its architecture and parameter settings. Since large decryption failure probability leads to attacks[1] on scheme as well as degradation of performance, TiGER[2], a Ring-LWE(R)-based KEM proposed for the first round of KpqC, tried to reduce the decryption failure probability by using error correction code Xef and D2 encoding method. However, D'Anvers et al. has shown that the commonly assumed independence of each bit error is not established since in the case of an encryption scheme based on Ring-LWE(R) using an error correction code, there is error dependency which is not negligible[3]. In this paper, since TiGER does not consider the error dependency, we calcualte the decryption failure probability of TiGER by considering the error dependency. In addition, we found that the bit error probability is incorrectly calculated in TiGER, so we present the correct calculation.

Implementation of a pipelined Scalar Multiplier using Extended Euclid Algorithm for Elliptic Curve Cryptography(ECC) (확장 유클리드 알고리즘을 이용한 파이프라인 구조의 타원곡선 암호용 스칼라 곱셈기 구현)

  • 김종만;김영필;정용진
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.11 no.5
    • /
    • pp.17-30
    • /
    • 2001
  • In this paper, we implemented a scalar multiplier needed at an elliptic curve cryptosystem over standard basis in $GF(2^{163})$. The scalar multiplier consists of a radix-16 finite field serial multiplier and a finite field inverter with some control logics. The main contribution is to develop a new fast finite field inverter, which made it possible to avoid time consuming iterations of finite field multiplication. We used an algorithmic transformation technique to obtain a data-independent computational structure of the Extended Euclid GCD algorithm. The finite field multiplier and inverter shown in this paper have regular structure so that they can be easily extended to larger word size. Moreover they can achieve 100% throughput using the pipelining. Our new scalar multiplier is synthesized using Hyundai Electronics 0.6$\mu\textrm{m}$ CMOS library, and maximum operating frequency is estimated about 140MHz. The resulting data processing performance is 64Kbps, that is it takes 2.53ms to process a 163-bit data frame. We assure that this performance is enough to be used for digital signature, encryption & decryption and key exchange in real time embedded-processor environments.